ROI

Don’t trust infrastructure

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 11 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. A common way to take security and privacy measurements to comply with the GDPR is to use secure services and trusted infrastructure components. Continue reading “Don’t trust infrastructure”

Privacy Threat Modeling

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 12 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. To design systems with a low risk profile for privacy and security risks a good tool is to use thread modeling. Continue reading “Privacy Threat Modeling”

Metadata Anonymisation

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 13 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. A complicating factor is that in many documents you store and process private data can be hidden without you knowing. Continue reading “Metadata Anonymisation”

Every Move You Make

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 14 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But even harder for Internet users is to be invisible using Internet communication when it mattes. Continue reading “Every Move You Make”

GDPR: Use a Privacy Reference Model

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 15 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But using a Privacy Reference Model will help. Continue reading “GDPR: Use a Privacy Reference Model”

Privacy Benchmark your site

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 16 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But before you are done it is advised that you perform a view simple privacy tests. Especially on your website(s). Continue reading “Privacy Benchmark your site”

GDPR: Pseudonymization or Anonymization

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 18 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward when dealing with data masking.  Continue reading “GDPR: Pseudonymization or Anonymization”

The Web never forgets: The right to be forgotten

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 19 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward. The GDPR introduces a right for individuals to have personal data erased. This right to erasure is also known as ‘the right to be forgotten’. Continue reading “The Web never forgets: The right to be forgotten”

Do you still use fingerprinting?

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 21 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design your systems to meet the GDPR is not straightforward. Especially when you make use of third-party services.

But tools and methods that can detect if you track users can help you when creating new Internet facing systems. Continue reading “Do you still use fingerprinting?”

No more confusion: An IP address is personal information

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 23 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining exactly what private data is not straightforward. What does not help is that a lot of information on many sites regarding on what is allowed under the GDPR is plain wrong. E.g. there is a lot of confusion about the object ‘IP address’. Is an IP address personal information or not? Continue reading “No more confusion: An IP address is personal information”